Discuss Dropbox Developer & API
Hi,
I found changes in OAuth2 for API, so the authorization could be done with offline access, ascuirung both Access and Refresh tokens. This part is OK, with ProcessCodeFlow method in SDK. But could not find any method to refresh access token using saved refresh token.
Can you please help me with this case?
Thanks,
@OFV When your "DropboxClient is instantiated with the Access_token and refresh token", are you also supplying the app key and secret? Those are required to perform the refresh. Make sure you're doing so, like in the example here.
Yes I am using the appid and appsecret. I'm using the constructor as in the example, with the addition of the access token expiry date:
CurrentClient = new DropboxClient(accessToken, refreshToken, expiryDate, appKey, appSecret, config);
The access token returned starts with sl. and is 139 bytes long. The refresh token starts with 1y_ and is 64 bytes long.
Fetching data from the api works up to the expiry date, which was set to 2020-12-09 17:37:48. After that fetching data takes a few minutes (!!) before throwing the exception.
I found 2 possible culprits:
- My code wasn't properly "asynced", which I know I have to avoid: eg: ListFolderAsync(xxx).result(). I recursively converted all methods to async (which was a long way up), and got rid of the .result calls. (I know these calls result in timeouts when exceptions occur inside)
- In the Dropbox App console for our app, under OAuth section: The "access token expiration" was still set to "no expiration", which I now set to "short lived".
With these 2 updates, it now seems to run (with original accesss token still from yesterday).
Gevorg,
Thanks for the help, but it wroks for me now, even with the extra params in the constructor.
My issue was due to the 2 culprits I described in my previous post.
I am saving only the refresh token to database and using dropboxClient with refresh token, appkey, appsecret constructor. Do I need to save the access token also and use accessToken, refreshToken, appKey, appSecret, config constructor instead. What is the difference between them?
@abeyaz GevorgMel is correct, you do not need to supply the access token as well. That is optional, since only the refresh token, app key, and app secret are actually needed to perform the refresh to get a new short-lived access token.
Thank you. Documentation says refresh tokens are long-lived. How long exactly? Say it is 6 months, does it mean we need to involve client again to get a new authentication code and then a new refresh token ?
@abeyaz Refresh tokens don't expire by themselves, but they can be revoked on demand by the user/app.
Hi there!
If you need more help you can view your support options (expected response time for a ticket is 24 hours), or contact us on X or Facebook.
For more info on available support options for your Dropbox plan, see this article.
If you found the answer to your question in this Community thread, please 'like' the post to say thanks and to let us know it was useful!